[Kamailio-Users] Kamailio 3.0.1

dotnetdub dotnetdub at gmail.com
Fri Mar 26 01:16:16 CET 2010 

Hi Alex,

Kamailio seems to be completely ignoring the fact that auth and auth_db are
loaded. the modules are loaded but when a call is placed it doesn't do any
SQL queries (except for accounting) and the call is placed without being
authenticated.

ROR: auth [challenge.c:283]: no authorized credentials found (error in
scripts)

loadmodule "auth.so"
loadmodule "auth_db.so"


# auth_db

modparam("auth_db", "db_url", "mysql://openser:xxxxxxxxx@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "load_credentials", "$avp(s:rpid)=rpid")

# auth

modparam("auth", "rpid_avp", "$avp(s:rpid)")
modparam("auth", "rpid_prefix", "<sip:")
modparam("auth", "rpid_suffix","@xxxxxx.ie
;party=calling;id-type=subscriber;privacy=off;screen=yes>")

: DEBUG: <core> [sr_module.c:871]: DEBUG: init_mod: auth
: DEBUG: <core> [sr_module.c:871]: DEBUG: init_mod: auth_db
: DEBUG: <core> [sr_module.c:509]: find_export_record: found <bind_auth> in
module auth [/lib/kamailio/modules_k/auth.so]
: DEBUG: <core> [route.c:911]: fixing proxy_authorize()
: DEBUG: <core> [route.c:911]: fixing www_authorize()
: DEBUG: <core> [route.c:911]: fixing proxy_authorize()
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-127): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (1): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (2): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (3): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (4): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (5): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (6): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (7): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (8): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (9): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-1): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-1): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (0): auth_db


I have #!kamailio at the start of the config. Am I missing something really
obvious? Maybe there is much more for config compat. from 1.x.x to 3.0.x

Stephen



On 25 March 2010 22:11, Alex Balashov <abalashov at evaristesys.com> wrote:

> Is the type of the 'rpid' column 'varchar'?
>
> Odd data type incompatibility or client library version incompatibility
> might explain it.  I agree that it is bizarre.
>
> Perhaps it would behoove you to turn on query logging on MySQL and verify
> that the 'rpid' column is actually being selected in the query.
>
> The only other thing I can think of would relate to one of the various
> db_mode settings involved.
>
>
> On 03/25/2010 06:08 PM, dotnetdub wrote:
>
>  Hi Alex,
>>
>> I modified the script, same result. sip[8892]: INFO: <script>: [ROUTE-4
>> ->] rpid test: <null> and the rpid is not being added.
>>
>> Very odd..
>>
>> Stephen.
>>
>> On 25 March 2010 21:57, Alex Balashov <abalashov at evaristesys.com
>> <mailto:abalashov at evaristesys.com>> wrote:
>>
>>    On 03/25/2010 05:53 PM, dotnetdub wrote:
>>
>>        Attached:
>>
>>            if(is_uri_host_local()) {
>>                         if(!allow_trusted()) {
>>                                 if(!proxy_authorize("", "subscriber")) {
>>                                         proxy_challenge("", "1");
>>                                         exit;
>>                                 }
>>
>>                                 else if(!check_from()) {
>>                                         sl_send_reply("403", "Forbidden");
>>                                         exit;
>>                                 }
>>                         }
>>
>>                         else {
>>                                 sl_send_reply("403", "Forbidden");
>>                                 exit;
>>                         }
>>                 }
>>
>>                 append_rpid_hf();
>>
>>                 consume_credentials();
>>
>>
>>    There is no guarantee that either append_rpid_hf() or
>>    consume_credentials() runs if and only if proxy_authorize() was called.
>>
>>    Also, it is not clear why check_from() is at a relationship of
>>    logical disjunction vis-a-vis to proxy_authorize().  While not
>>    incorrect, it obfuscates the flow.
>>
>>    Try this and see if the problem continues:
>>
>>
>>       if(is_uri_host_local()) {
>>
>>                    if(!allow_trusted()) {
>>
>>                            if(!proxy_authorize("", "subscriber")) {
>>                                    proxy_challenge("", "1");
>>                                    exit;
>>                            }
>>
>>                            if(!check_from()) {
>>                                    sl_send_reply("403", "Forbidden");
>>                                    exit;
>>                            }
>>
>>                            append_rpid_hf();
>>                            consume_credentials();
>>                    }
>>
>>                    else {
>>                            sl_send_reply("403", "Forbidden");
>>                            exit;
>>                    }
>>            }
>>
>>    --
>>    Alex Balashov - Principal
>>    Evariste Systems LLC
>>
>>    Tel    : +1 678-954-0670
>>    Direct : +1 678-954-0671
>>    Web    : http://www.evaristesys.com/
>>
>>
>>
>
> --
> Alex Balashov - Principal
> Evariste Systems LLC
>
> Tel    : +1 678-954-0670
> Direct : +1 678-954-0671
> Web    : http://www.evaristesys.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/users/attachments/20100326/5082f1f0/attachment.htm>

More information about the Users mailing list